Agent skills for AI coding agents — adversarial analysis, security assessment, quality gates, and engineering best practices. Compatible with GitHub Copilot, Claude Code, Cursor, Windsurf, Cline, Codex, Gemini CLI and 40+ more.
| Skill | Description | Version | Install |
|---|---|---|---|
| 🔴 devils-advocate | Mandatory adversarial risk gate — intercepts every plan before execution, blocks all actions until you explicitly approve |  |
npx skills add carrilloapps/skills@devils-advocate |
| 🛡️ sar-cybersecurity | Automated Security Assessment Report (SAR) generator — deep cybersecurity analysis mapped to 20+ compliance standards |  |
npx skills add carrilloapps/skills@sar-cybersecurity |
| 🔜 postmortem-writing | Post-incident analysis — structured postmortem reports with root cause analysis, timeline reconstruction, and lessons learned | Planned | — |
# Install all skills at once
npx skills add carrilloapps/skills
# Install a specific skill
npx skills add carrilloapps/skills@devils-advocate
npx skills add carrilloapps/skills@sar-cybersecuritynpx skills add carrilloapps/skills@devils-advocate -a github-copilot
npx skills add carrilloapps/skills@sar-cybersecurity -a claude-code
npx skills add carrilloapps/skills@devils-advocate -a cursor
npx skills add carrilloapps/skills@sar-cybersecurity -a windsurfnpx skills add carrilloapps/skills -gnpx skills check # Check for newer versions
npx skills update # Update all installed skills🔴 Devil's Advocate · 
The mandatory adversarial analysis gate for 40+ AI coding agents — runs first, before any action.
AI tools are increasingly capable of executing complex, multi-step operations — creating files, calling APIs, running migrations, deploying services. Devil's Advocate adds the adversarial voice that asks: "Should we?"
How it works:
INTERCEPT → ANALYSE → REPORT → GATE
│ │ │ │
│ Load relevant │ ✅ Proceed
│ frameworks │ 🔁 Revise
Detect (max 2) Full ❌ Cancel
plan output
Protocol stack:
| Protocol | Trigger | Effect |
|---|---|---|
| ⚡ Immediate Report | First 🟠 High or 🔴 Critical finding | Flash alert + context request mid-sweep |
| 🛑 Handbrake | Any 🔴 Critical finding | Full stop + specialist escalation |
| 📄 Full Report | After context or continue |
Structured adversarial analysis |
| 🚦 Gate | After full report | Waits for ✅ / 🔁 / ❌ |
12 domains covered:
| Domain | Framework |
|---|---|
| Architecture | Distributed systems, coupling, CAP theorem, API design |
| Security | STRIDE threat model, supply chain, insider threats |
| Performance | Bottlenecks, scalability limits, anti-patterns |
| Developer / Code | Testing gaps, CI/CD risks, dependency management |
| Data & Analytics | Pipeline reliability, PII governance, ML bias |
| Product | Feature validation, launch risk, regulatory compliance |
| UX / Design | Dark patterns, WCAG accessibility, cognitive load |
| Strategy | Build vs. buy, vendor risk, Type 1/2 decisions |
| AI Optimization | Context window budget, instruction conflicts, hallucination risk |
| Version Control | Branch protection, secrets-in-repo, force push hazards |
| Vulnerability Patterns | DB, API, business logic, infrastructure & cloud patterns |
| General Analysis | 5-step analysis: attack surfaces, FMEA, edge cases |
Includes: 18 domain & protocol frameworks · 2 structured checklists · 12 real-world examples · Building Protocol for code quality enforcement
→ Full documentation: skills/devils-advocate/README.md
🛡️ SAR Cybersecurity · 
Automated Security Assessment Report (SAR) generator — deep cybersecurity analysis mapped to 20+ compliance standards.
Transforms any AI agent into a senior cybersecurity expert that produces professional, bilingual (EN/ES) Security Assessment Reports with full compliance standard mapping.
How it works:
MAP → TRACE → EVALUATE → SCORE → DOCUMENT
│ │ │ │ │
Entry Full Existing 0–100 Bilingual
points call controls net EN + ES
chain (auth, risk cross-linked
WAF, etc.) reports
Assessment coverage:
| Category | What is analyzed |
|---|---|
| Injection Patterns | SQL, NoSQL operator, Regex/ReDoS, Mass Assignment, GraphQL abuse, ORM/ODM-specific |
| Storage & Exfiltration | S3/GCS/Azure Blob, secrets in source, file uploads, logging, message queues, CDN, IaC |
| Database Access | SQL (PostgreSQL, MySQL), NoSQL (MongoDB, DynamoDB), Redis — index verification, bounded queries |
| Compliance Mapping | 20+ standards: ISO 27001, NIST, OWASP, PCI-DSS, GDPR, MITRE ATT&CK, and more |
Key features:
- Scores based on net effective risk (after controls), not isolated code
- Progressive context loading — modular architecture prevents context window saturation
- Read-only operation — writes only to
docs/security/, never modifies source code - 8 canonical edge cases with reference outputs for consistent scoring behavior
Includes: 6 protocol & domain frameworks · 8 canonical edge case examples · Progressive context loading with max 2 frameworks per assessment
→ Full documentation: skills/sar-cybersecurity/README.md
┌─────────────────────────────────────────────────────┐
│ 🔴 Devil's Advocate │
│ Runs FIRST — adversarial gate for ANY action │
│ 12 risk domains · 18 frameworks · 12 examples │
└──────────────────────┬──────────────────────────────┘
│
│ ✅ Proceed (user approved)
▼
┌─────────────────────────────────────────────────────┐
│ 🛡️ SAR Cybersecurity │
│ Deep security-specific analysis when requested │
│ 20+ standards · 6 injection families · 7 storage │
│ categories · bilingual EN/ES reports │
└──────────────────────┬──────────────────────────────┘
│
│ Incident occurs
▼
┌─────────────────────────────────────────────────────┐
│ 🔜 Postmortem Writing (planned) │
│ Post-incident analysis — root cause, timeline, │
│ lessons learned → feed back into Devil's Advocate │
└─────────────────────────────────────────────────────┘
Use Devil's Advocate as the adversarial gate for every decision, invoke SAR Cybersecurity for deep security assessments, and (when available) use Postmortem Writing after incidents to close the feedback loop.
Works with every agent supported by the skills.sh ecosystem:
| Agent | --agent flag |
Agent | --agent flag |
|---|---|---|---|
| GitHub Copilot | github-copilot |
Goose | goose |
| Claude Code | claude-code |
Continue | continue |
| Cursor | cursor |
Amp / Kimi CLI | amp |
| Windsurf | windsurf |
Antigravity | antigravity |
| Cline | cline |
Augment | augment |
| OpenAI Codex | codex |
Droid | droid |
| Gemini CLI | gemini-cli |
Kilo Code | kilo |
| OpenCode | opencode |
Kiro CLI | kiro-cli |
| Roo Code | roo |
OpenHands | openhands |
| Trae / Trae CN | trae |
Zencoder | zencoder |
Over 40 agents supported. Run
npx skills add --listfor the full list.
carrilloapps/skills/
├── AGENTS.md ← AI agent entry point (loads DA gate)
├── CHANGELOG.md ← version history
├── LICENSE ← MIT
├── README.md ← this file
├── scripts/
│ └── validate.sh ← CI quality gate (49 checks)
└── skills/
├── devils-advocate/ ← npx skills add carrilloapps/skills@devils-advocate
│ ├── SKILL.md ← always loaded by agents
│ ├── README.md ← full documentation
│ ├── metadata.json ← skill metadata
│ ├── frameworks/ ← 18 domain & protocol frameworks
│ ├── checklists/ ← 2 structured risk checklists
│ └── examples/ ← 12 real-world analysis examples
└── sar-cybersecurity/ ← npx skills add carrilloapps/skills@sar-cybersecurity
├── SKILL.md ← always loaded (~115 lines, progressive loading)
├── README.md ← full documentation
├── metadata.json ← skill metadata
├── frameworks/ ← 6 protocol & domain frameworks (on-demand)
└── examples/ ← 8 canonical edge case examples
Each skill is self-contained and independently installable via @<skill-name>.
Every change is validated against 49 automated checks before merging:
bash scripts/validate.shChecks include: version consistency, fence balance, index completeness, stale text detection, framework file resolution, example Gate blocks, token budget compliance, and more.
Contributions are welcome! See CONTRIBUTING.md for:
- How to add new skills, frameworks, or examples
- Quality standards and PR process
- Version cascade checklist
Please read CODE_OF_CONDUCT.md before contributing.
Security issues → SECURITY.md. Do not open a public issue for security concerns.
MIT — free to use, modify, and distribute. Attribution appreciated.
See CHANGELOG.md for the full version history.
José Carrillo — carrillo.app
